Linux curl表单登录或提交与cookie使用详解
前言
本文主要讲解通过curl 实现表单提交登录。单独的表单提交与表单登录都差不多,因此就不单独说了。
说明:针对curl表单提交实现登录,不是所有网站都适用,原因是有些网站后台做了限制或有其他校验。我们不知道这些网站后台的限制或校验机制具体是什么,因此直接curl表单登录可能是不行的。
当然,如下案例是可以用curl登录的。
案例:LeanCloud登录
要求和结果
要求:通过curl登录后,能正常访问leancloud的应用页面。
登录页面链接如下:
1 https://leancloud.cn/dashboard/login.html#/signin
能正常访问如下页面:
1 https://leancloud.cn/dashboard/applist.html#/apps
浏览器访问效果:
无登录直接访问结果浏览器访问结果
上图红框 403 中的访问连接如下:
1 https://leancloud.cn/1.1/clients/self/apps
通过curl 验证是否登录
[root@iZ28xbsfvc4Z ~]# curl -i https://leancloud.cn/1.1/clients/self/apps HTTP/1.1 403 Forbidden Server: openresty Date: Sun, 14 Jul 2019 11:35:28 GMT Content-Type: application/json;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache,no-store Pragma: no-cache {"code":1,"error":"User doesn't sign in."}
获取表单字段信息
获取表单提交链接
通过下图可得到表单提交的链接信息。具体如下:
1 https://leancloud.cn/1.1/signin
curl 表单登录并保存cookie信息
1 curl -v -c leancloud1.info -X POST -F 'email=yourname' -F 'password=yourpassword' https://leancloud.cn/1.1/signin 2 # 或则 3 curl -v -c leancloud3.info -X POST -d 'email=yourname&password=yourpassword' https://leancloud.cn/1.1/signin
查看cookie信息
[root@iZ28xbsfvc4Z 20190714_02]# ll total 32 -rw-r--r-- 1 root root 337 Jul 14 19:45 leancloud1.info -rw-r--r-- 1 root root 335 Jul 14 19:46 leancloud3.info [root@iZ28xbsfvc4Z 20190714_02]# cat leancloud1.info # Netscape HTTP Cookie File # http://curl.haxx.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. #HttpOnly_leancloud.cn FALSE / TRUE 1563709522 uluru_user Ff1IPOiMX%2F6ipevuxy0OOg%3D%3D leancloud.cn FALSE / TRUE 1563709522 XSRF-TOKEN 5647dc84bd6eaea37eca2d07ae0e401cca4ba76803989c8559XXXXX7283da [root@iZ28xbsfvc4Z 20190714_02]# cat leancloud3.info # Netscape HTTP Cookie File # http://curl.haxx.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. #HttpOnly_leancloud.cn FALSE / TRUE 1563709591 uluru_user arTwQm6JylzLjBaQt7TpiQ%3D%3D leancloud.cn FALSE / TRUE 1563709591 XSRF-TOKEN 751e12827c7c046408541bc1bf962b5912ac35b0d07f88120XXXXXX40704704
每列字段说明:
domain:创建并可以读取变量的域名。
flag:一个 TRUE/FALSE 值,表明给定域中的所有机器是否都可以访问该变量。此值由浏览器自动设置,具体取决于你为域设置的值。
path:变量在域中有效的路径。
secure:一个 TRUE/FALSE 值,表明是否需要与域的安全连接来访问变量。
expiration:该变量将过期的UNIX时间。UNIX时间定义为自1970年1月1日00:00:00 GMT开始的秒数。
name:变量名称
value:变量值
校验是否登录成功
直接访问和带有cookie访问,这两种访问方式,请对比查看。
直接访问
[root@iZ28xbsfvc4Z 20190714_02]# curl -i https://leancloud.cn/1.1/clients/self/apps HTTP/1.1 403 Forbidden Server: openresty Date: Sun, 14 Jul 2019 11:52:47 GMT Content-Type: application/json;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache,no-store Pragma: no-cache {"code":1,"error":"User doesn't sign in."}
带有cookie文件的访问
# 使用cookie [root@iZ28xbsfvc4Z 20190714_02]# curl -i -b leancloud1.info https://leancloud.cn/1.1/clients/self/apps ## 或者 [root@iZ28xbsfvc4Z 20190714_02]# curl -i -b leancloud3.info https://leancloud.cn/1.1/clients/self/apps HTTP/1.1 200 OK Server: openresty Date: Sun, 14 Jul 2019 11:53:29 GMT Content-Type: application/json;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache,no-store Pragma: no-cache Strict-Transport-Security: max-age=31536000 [{"app_domain":null,"description":null,"archive_status":0,"biz_type":"dev","master_key": ………………
复制浏览器的cookie访问
[root@iZ28xbsfvc4Z 20190720]# curl -i -H 'cookie: _ga=GA1.2.2055706705.1560005524; …………' https://leancloud.cn/1.1/clients/self/apps HTTP/1.1 200 OK Server: openresty Date: Sat, 20 Jul 2019 08:11:37 GMT Content-Type: application/json;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache,no-store Pragma: no-cache Strict-Transport-Security: max-age=31536000 [{"app_domain":null,"description":null,"archive_status":0,"biz_type":"dev","master_key": ………………
由上可知curl登录成功。
总结